Can openssl change a V1 to a V3 x509?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Can openssl change a V1 to a V3 x509?

David Templar
I am having a lot of problems importing a certificate made in openssl
into a phone, but I can get a keytool certificate imported. The only
thing is that I need to change the V1 cert (keytool only makes V1) to a
V3 cert - can openssl modify a cert to a V3 (without changing anything
else)?
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Can openssl change a V1 to a V3 x509?

JoelKatz

> I am having a lot of problems importing a certificate made in openssl
> into a phone, but I can get a keytool certificate imported. The only
> thing is that I need to change the V1 cert (keytool only makes V1) to a
> V3 cert - can openssl modify a cert to a V3 (without changing anything
> else)?

        Certificates, by design, cannot be modified. Whoever or whatever issued the
certificate will have to issue a new one.

        DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Can openssl change a V1 to a V3 x509?

David Templar
Thanks!

David Schwartz wrote:

>>I am having a lot of problems importing a certificate made in openssl
>>into a phone, but I can get a keytool certificate imported. The only
>>thing is that I need to change the V1 cert (keytool only makes V1) to a
>>V3 cert - can openssl modify a cert to a V3 (without changing anything
>>else)?
>>    
>>
>
> Certificates, by design, cannot be modified. Whoever or whatever issued the
>certificate will have to issue a new one.
>
> DS
>
>
>______________________________________________________________________
>OpenSSL Project                                 http://www.openssl.org
>Development Mailing List                       [hidden email]
>Automated List Manager                           [hidden email]
>
>  
>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]